bh: utils/testing create_ldap_users.py,1.7,1.8
cvs at kolab.org
cvs at kolab.org
Mon May 18 20:31:05 CEST 2009
Author: bh
Update of /kolabrepository/utils/testing
In directory doto:/tmp/cvs-serv11134/testing
Modified Files:
create_ldap_users.py
Log Message:
Add --set-password option to set the password of the new user accounts.
The password is salted and hashed using the SSHA method and put into the
userPassword attribute.
Index: create_ldap_users.py
===================================================================
RCS file: /kolabrepository/utils/testing/create_ldap_users.py,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -d -r1.7 -r1.8
--- create_ldap_users.py 18 May 2009 17:23:38 -0000 1.7
+++ create_ldap_users.py 18 May 2009 18:31:03 -0000 1.8
@@ -43,6 +43,8 @@
import ldap.modlist
import getpass
import time
+import sha
+import base64
def open_ldap(ldapuri, admin_dn_part, pwd = None):
conn = ldap.initialize(ldapuri)
@@ -65,8 +67,23 @@
conn.modify_s(dn, [(ldap.MOD_ADD, "kolabDeleteFlag", hosts)])
print dn, hosts
+def random_salt(length):
+ """Returns a random salt for use with salted password hashes"""
+ random = open("/dev/urandom")
+ try:
+ return random.read(length)
+ finally:
+ random.close()
-def add_user(conn, num_users, offset):
+SSHA_PREFIX = "{SSHA}"
+def encode_ssha(password, salt):
+ """SSHA-Encodes the password with the given salt"""
+ digester = sha.new(password)
+ digester.update(salt)
+ return SSHA_PREFIX + base64.b64encode(digester.digest() + salt)
+
+
+def add_user(conn, num_users, offset, set_password=None):
kolab_info = fetch_kolab_info(conn)
mail_domain = kolab_info["postfix-mydomain"][0]
@@ -79,6 +96,9 @@
'kolabInvitationPolicy': ['ACT_MANUAL'],
}
+ if set_password is not None:
+ common_attrs["userPassword"] = encode_ssha(set_password, random_salt(8))
+
users = [("test%d" % n, "auto", "autotest%d" % n)
for n in range(offset, num_users + offset)]
for sn, givenName, mailuid in users:
@@ -136,10 +156,11 @@
entry_type = "user"
group_member = None
offset = 0
+ set_password = None
opts, args = getopt.getopt(sys.argv[1:], 'h:p:u:n:o:t:',
["host=", "port=", "user=", "num=", "offset=",
- "type=", "member="])
+ "set-password=", "type=", "member="])
for optchar, value in opts:
if optchar in ("-h", "--host"):
hostname = value
@@ -149,6 +170,8 @@
admin_dn_part = value
elif optchar in ("-o", "--offset"):
offset = int(value)
+ elif optchar == "--set-password":
+ set_password = value
elif optchar in ("-t", "--type"):
entry_type = value
elif optchar == "--member":
@@ -183,7 +206,7 @@
conn = open_ldap(uri, admin_dn_part, pwd)
if entry_type == "user":
if cmd == "add":
- add_user(conn, num_entries, offset)
+ add_user(conn, num_entries, offset, set_password=set_password)
elif cmd == "delete":
delete_auto_users(conn, offset)
elif entry_type == "group":
More information about the commits
mailing list